Report - megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==

Report Overview

Visited public
2024-06-23 15:58:12
Tags
URL
megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Finishing URL
megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Title
Demon.Slayer.Kimetsu.no.Yaiba.S05E03.1080p.WEB-DL.JPN.AAC2.0.H.264.ESub-ToonsHub.mkv

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2024-06-22 22:40:24	417 B	415 B	18.192.184.0
recordedthereby.com	unknown	2024-05-08	2024-05-14 07:24:53	2024-06-22 21:49:00	393 B	28 kB	172.67.208.217
megaf.cc	unknown	unknown	No data	No data	4.1 kB	332 kB	188.114.97.1
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27 13:27:45	2024-06-22 22:40:24	407 B	375 B	172.240.108.68
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2024-06-22 17:20:28	730 B	472 B	192.243.59.13
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-06-22 18:19:57	1.3 kB	3.6 kB	23.36.76.226
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2024-06-22 20:04:28	424 B	30 kB	104.17.25.14
precedelaxative.com	unknown	2024-06-13	2024-06-17 09:27:27	2024-06-22 16:52:51	431 B	18 kB	192.243.61.225

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-06-23	medium	precedelaxative.com	Sinkholed
2024-06-23	medium	capaciousdrewreligion.com	Sinkholed
2024-06-23	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	unknown	ScriptElement	32 B	2023-03-07	2025-04-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24 Last Seen2025-04-11 19:07 Times Seen188 Hash 16952761300c866b8cd44e2c66250ed3 b46eda62fd58298bac362e61042293f38304b3b9 7653f123e669cb603e8c8f870e9f02b9669d7af8780311e97f7dcdd3e895787a Loading...

	megaf.cc/assets/players/jwplayer-8.26.9/jwplayer.js?v1	ScriptElement	110 kB	2024-04-24	2024-08-29
Pretty URL megaf.cc/assets/players/jwplayer-8.26.9/jwplayer.js?v1 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 22:22 Last Seen2024-08-29 18:14 Times Seen164 Hash a27042e4168b8224e40c7f36c3a36d1e ba1f8b5fc524e8e96a57682a00bb689d174fb600 a37e9266fd7dad068329b7af30e5c3c4982611b2be7cceb649aa9b61f4fc68cf Loading...

	precedelaxative.com/52/ba/41/52ba419ba307b72ff4090aea25de5317.js	ScriptElement	41 kB	2024-08-19	2024-08-19
Pretty URL precedelaxative.com/52/ba/41/52ba419ba307b72ff4090aea25de5317.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:06 Last Seen2024-08-19 19:06 Times Seen1 Hash f0a8e84bdf29854d262e46a48feae6d3 41e7ac263e7bc970aaa16f05f7e8faab12480320 5a414aeef4af8da99f5ea96c3c08ffa20f5fd803d0b484f6f638873a434fa178 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/1.9.0/jquery.min.js	ScriptElement	93 kB	2023-03-07	2025-05-02
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/1.9.0/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-02 13:13 Times Seen1724 Hash 0652da382b6fceb033dfe2b6c06d4d11 002da8cbe90fcf32fbdebb72386125079e3805ee 7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e Loading...

	megaf.cc/futoken	ScriptElement	293 B	2024-08-19	2024-08-19
Pretty URL megaf.cc/futoken IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 19:06 Last Seen2024-08-19 19:06 Times Seen1 Hash 4ec8c7ead7f84330176729bcadf11979 43661bdd49540970cf13c2b29a0b4c4a5a70d024 3936dd1c87fdb1472366e2ed6b989a64bb8234f1b79b8ad3962c76cc1e0e9651 Loading...

	capaciousdrewreligion.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-05-03
Pretty URL capaciousdrewreligion.com/advertisers.js IP 172.240.108.68 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-03 04:13 Times Seen4599580 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	megaf.cc/assets/megaf/min/embed.js?v=190455d60a3	ScriptElement	194 kB	2024-06-23	2024-08-19
Pretty URL megaf.cc/assets/megaf/min/embed.js?v=190455d60a3 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-23 17:58 Last Seen2024-08-19 19:06 Times Seen2 Hash e42b06a43388e74fa9e95156792789d1 0e10a79f13620a60b008ba995e9c5755783d0e5c d7d86bcb52de1d05cacedc9a3c6ad3347fc8a52a995d9be4e493e6ad1c0faa46 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 172.67.208.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

HTTP Transactions (18)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
31c219b3ac9b4615f1a78cd882995e6c
1bb1aedb59500ceabd4f44ae9b7317c544084afd
6e8de7454df9b981f3c2bd8746558f3eb5c48599c66fc0f5301169c0ed42c8fe

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "6E8DE7454DF9B981F3C2BD8746558F3EB5C48599C66FC0F5301169C0ED42C8FE"
Last-Modified: Sat, 22 Jun 2024 11:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7374
Expires: Sun, 23 Jun 2024 18:00:41 GMT
Date: Sun, 23 Jun 2024 15:57:47 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
f0269d61bdfd971c035a90020cb9f629
06631fd5df5a9bd3b9673361601cc37a34e64f69
47b785dc0588f89f6a0bd23143e340c2fa04f194c59853f63e8b937964655373

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "47B785DC0588F89F6A0BD23143E340C2FA04F194C59853F63E8B937964655373"
Last-Modified: Sat, 22 Jun 2024 04:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8009
Expires: Sun, 23 Jun 2024 18:11:16 GMT
Date: Sun, 23 Jun 2024 15:57:47 GMT
Connection: keep-alive

cdnjs.cloudflare.com/ajax/libs/jquery/1.9.0/jquery.min.js

104.17.25.14

200 OK

30 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/1.9.0/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Certificate
IssuerLet's Encrypt
Subjectcdnjs.cloudflare.com
Fingerprint3B:5B:7C:DD:19:E8:16:5A:09:22:D6:1E:03:84:8D:B9:A1:32:BF:8E
ValiditySun, 02 Jun 2024 00:47:32 GMT - Sat, 31 Aug 2024 00:47:31 GMT

File type
JavaScript source, ASCII text, with very long lines (32132)
Size
30 kB (29505 bytes)
Hash
0652da382b6fceb033dfe2b6c06d4d11
002da8cbe90fcf32fbdebb72386125079e3805ee
7fa0d5c3f538c76f878e012ac390597faecaabfe6fb9d459b919258e76c5df8e

HTTP Headers

GET /ajax/libs/jquery/1.9.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaf.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Jun 2024 15:57:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 29505
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-16b8c"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 241658
expires: Fri, 13 Jun 2025 15:57:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YeGTKuzo5%2F5t1KqG0xCPA%2FxnGMwzgEwHNNjvMARUxhXsx8R%2B8FsBVi2a0Ho91XZpdgUJyNpc%2FhxhfGv8atgPpdSWbqIrPYgJD6Rw%2BOeA47xjyrClKBc2alIJVEj9MvnwE0K3leUO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8985ad043adb7130-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

precedelaxative.com/52/ba/41/52ba419ba307b72ff4090aea25de5317.js

192.243.61.225

200 OK

17 kB

URL GET HTTP/1.1
precedelaxative.com/52/ba/41/52ba419ba307b72ff4090aea25de5317.js
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Certificate
IssuerLet's Encrypt
Subjectprecedelaxative.com
Fingerprint7B:48:55:CB:3B:08:29:E9:A7:CF:74:37:13:68:94:14:E1:C9:18:46
ValidityThu, 13 Jun 2024 12:28:58 GMT - Wed, 11 Sep 2024 12:28:57 GMT

File type
JavaScript source, ASCII text, with very long lines (40654), with no line terminators
Size
17 kB (16670 bytes)
Hash
f0a8e84bdf29854d262e46a48feae6d3
41e7ac263e7bc970aaa16f05f7e8faab12480320
5a414aeef4af8da99f5ea96c3c08ffa20f5fd803d0b484f6f638873a434fa178

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /52/ba/41/52ba419ba307b72ff4090aea25de5317.js HTTP/1.1
Host: precedelaxative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaf.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 23 Jun 2024 15:57:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 6d9723779b2206b072dfcc019d1cc556
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

proftrafficcounter.com/stats

18.192.184.0

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.192.184.0:443
ASN
#16509 AMAZON-02

Requested by
https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
88329c8c5729401f850d6aa4f6170886
155ffceb2ada9ad3a52dbf199665208b2af89399
7862ff6e247a983241bf894234dae05be7db24f152524e3be516566a69e70098

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaf.cc
DNT: 1
Connection: keep-alive
Referer: https://megaf.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Jun 2024 15:57:48 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://megaf.cc
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=2c47ae6c-5c1c-4d54-b1e0-97858f818758:2:1; expires=Wed, 21 Jun 2034 15:57:48 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

recordedthereby.com/sfp.js

172.67.208.217

200 OK

28 kB

URL GET HTTP/2
recordedthereby.com/sfp.js
IP
172.67.208.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Certificate
IssuerGoogle Trust Services LLC
Subjectrecordedthereby.com
FingerprintA3:3F:9B:AE:CF:C6:1B:C3:8B:FC:65:01:2F:06:6A:22:60:3C:8E:AF
ValidityWed, 08 May 2024 14:16:18 GMT - Tue, 06 Aug 2024 14:16:17 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27526 bytes)
Hash
7e3e44049654b6e244c1777e68ffb8e7
8f2a8298666d607afd92a0baa362ef4dc9ccd039
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaf.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Jun 2024 15:57:48 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, max-age=0, private, no-cache
x-request-id: cdae3737c45166162e17b483c85794d8
pragma: no-cache
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UOTXI9kzV0vd9Taf%2FA3ioHEjrfsk9bpxd3fceJb9ESegsyAPgniryCc0ICHqKZNvtr9XzIR81RJUh1P2Se9%2BBhH116SUE0Lx99jAo1vf2JV%2BHkNfdxEWLxCoNJHq41sl0S3fK5Lp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8985ad07cad0569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

megaf.cc/favicon.ico

188.114.97.1

200 OK

0 B

URL GET HTTP/3
megaf.cc/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Certificate
IssuerGoogle Trust Services
Subjectmegaf.cc
FingerprintF3:DD:CD:2C:5A:AD:29:04:14:E0:66:92:F0:1E:57:F1:21:59:C2:97
ValiditySun, 23 Jun 2024 00:35:22 GMT - Sat, 21 Sep 2024 00:35:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: megaf.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=2c47ae6c-5c1c-4d54-b1e0-97858f818758%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 23 Jun 2024 15:57:48 GMT
content-type: image/x-icon
content-length: 0
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Sun, 23 Jun 2024 13:02:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aJvOLrDk5mrmBy7DewhsSQddhLHKE6N3jEy7LPUV1UlYrYWmJNdHSy4d1ZVtRpOJDjMv973QOuTiSAMduvk2ODGr2i7%2FU2a00LaaN5aB0I7gMA1HZkrPCKdY%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8985ad0a2e94b4f4-OSL
alt-svc: h3=":443"; ma=86400

capaciousdrewreligion.com/advertisers.js

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
FingerprintBB:9C:12:88:24:43:D4:47:71:3F:F0:A4:BB:E1:85:65:CE:E7:92:E4
ValidityMon, 06 May 2024 02:35:23 GMT - Sun, 04 Aug 2024 02:35:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaf.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 23 Jun 2024 15:57:49 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 6d9784de38de63978dcccf6a83be318d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

megaf.cc/mediainfo/ViFRsaMd4IHOpYUnXelgSjbGJ_JNmg9CZLQgJGGYlXC0R_Yu8g2KOdg80WSUSHvKlQ==,192,217,181,151,169,164,151,171?autostart=true&t=4xjRAPQjA1wKyQ==

188.114.97.1

200 OK

48 B

URL GET HTTP/3
megaf.cc/mediainfo/ViFRsaMd4IHOpYUnXelgSjbGJ_JNmg9CZLQgJGGYlXC0R_Yu8g2KOdg80WSUSHvKlQ==,192,217,181,151,169,164,151,171?autostart=true&t=4xjRAPQjA1wKyQ==
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Certificate
IssuerGoogle Trust Services
Subjectmegaf.cc
FingerprintF3:DD:CD:2C:5A:AD:29:04:14:E0:66:92:F0:1E:57:F1:21:59:C2:97
ValiditySun, 23 Jun 2024 00:35:22 GMT - Sat, 21 Sep 2024 00:35:21 GMT

File type
gzip compressed data, from Unix
Size
48 B (48 bytes)
Hash
085d96cafe8c6348c23bf94b1b831260
3a38e0b12087208f49bd79e81e1483c13f99abd2
c3c3e3fe6bd728209f57591b806cfe932ab8dae8d55631c8423a514c8d658f8a

HTTP Headers

GET /mediainfo/ViFRsaMd4IHOpYUnXelgSjbGJ_JNmg9CZLQgJGGYlXC0R_Yu8g2KOdg80WSUSHvKlQ==,192,217,181,151,169,164,151,171?autostart=true&t=4xjRAPQjA1wKyQ== HTTP/1.1
Host: megaf.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 23 Jun 2024 15:57:48 GMT
content-type: application/json
content-encoding: gzip
x-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kfz%2BQTjpGqyOQeMAdZ%2ByzSWtBy%2FdzSdvXh4Lwu948Ph4cnqxRnCbt6fwC7OoCZ5gsUq6zILZT9SfMXQlOO65UfQClemac9f244PNPLytFZ7%2BpcPuV2Kq%2BlL4aA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8985ad098df2b4f4-OSL
alt-svc: h3=":443"; ma=86400

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fe36e270c1ecfa3891cc7b505e7894b6
ce43401e7146eb139a1e3caf7db957e6b9531dc3
bd791e8f44b990a0091febc3cc3b24799eb26b87fe5aa381ad98ae4662f7f802

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "BD791E8F44B990A0091FEBC3CC3B24799EB26B87FE5AA381AD98AE4662F7F802"
Last-Modified: Sun, 23 Jun 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11631
Expires: Sun, 23 Jun 2024 19:11:40 GMT
Date: Sun, 23 Jun 2024 15:57:49 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fe36e270c1ecfa3891cc7b505e7894b6
ce43401e7146eb139a1e3caf7db957e6b9531dc3
bd791e8f44b990a0091febc3cc3b24799eb26b87fe5aa381ad98ae4662f7f802

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "BD791E8F44B990A0091FEBC3CC3B24799EB26B87FE5AA381AD98AE4662F7F802"
Last-Modified: Sun, 23 Jun 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11631
Expires: Sun, 23 Jun 2024 19:11:40 GMT
Date: Sun, 23 Jun 2024 15:57:49 GMT
Connection: keep-alive

megaf.cc/views/4702260

188.114.97.1

200 OK

9.3 kB

URL GET HTTP/3
megaf.cc/views/4702260
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Certificate
IssuerGoogle Trust Services
Subjectmegaf.cc
FingerprintF3:DD:CD:2C:5A:AD:29:04:14:E0:66:92:F0:1E:57:F1:21:59:C2:97
ValiditySun, 23 Jun 2024 00:35:22 GMT - Sat, 21 Sep 2024 00:35:21 GMT

File type
ASCII text
Size
9.3 kB (9300 bytes)
Hash
b912d22e1bdb0027532bb3187edc602c
e9b6dad1262e2d4ce2138d662d481dff7da7013c
9c28e139406c5971229e4b43ecef6f88fd0b3c743e4294734bd2d303957e9de3

HTTP Headers

GET /views/4702260 HTTP/1.1
Host: megaf.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 23 Jun 2024 15:57:48 GMT
content-type: text/html
m-cache: BYPASS
x-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Y0symTvKus0SUZDQ4xCz78gn%2FZQwZHG54ThcyTiWfY1sT0FoGQ9gfP11%2FV8M1yVMxAIwui2SJeFq4WOa8sPXXVwRimUkHA2GnpLMYtplcYMly5QDhBBNy2R%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8985ad094da9b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

megaf.cc/assets/megaf/min/embed.css?v=19043ebf75f

188.114.97.1

200 OK

13 kB

URL GET HTTP/3
megaf.cc/assets/megaf/min/embed.css?v=19043ebf75f
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Certificate
IssuerGoogle Trust Services
Subjectmegaf.cc
FingerprintF3:DD:CD:2C:5A:AD:29:04:14:E0:66:92:F0:1E:57:F1:21:59:C2:97
ValiditySun, 23 Jun 2024 00:35:22 GMT - Sat, 21 Sep 2024 00:35:21 GMT

File type
gzip compressed data, from Unix
Size
13 kB (12618 bytes)
Hash
f95daa0ee63e30496696a288d08f3212
45483dfd7b13171580235669fe726ca32d027104
2db1d5ac9f3f63e43e1fca54dacb306a69226e23be4703496d18a85bf7603629

HTTP Headers

GET /assets/megaf/min/embed.css?v=19043ebf75f HTTP/1.1
Host: megaf.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 23 Jun 2024 15:57:47 GMT
content-type: text/css
last-modified: Sun, 23 Jun 2024 07:07:36 GMT
etag: W/"6677c9b8-2152"
content-encoding: gzip
m-cache: MISS
expires: Tue, 23 Jul 2024 07:09:25 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 31702
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1vwv3c%2FzXNKK0CgwxKN0fs%2Fl30xmGfZXBZxfDgCnaMQ5jYRand1v6spLb%2FSYwdpAsU6z57rK%2FRvxqp7VEvP14qmJv7apIDLUH0aMQqEj16%2F167y7PTE4F2FEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8985ad041f25b4f4-OSL
alt-svc: h3=":443"; ma=86400

megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==

188.114.97.1

200 OK

1.1 kB

URL User Request GET HTTP/2
megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmegaf.cc
FingerprintF3:DD:CD:2C:5A:AD:29:04:14:E0:66:92:F0:1E:57:F1:21:59:C2:97
ValiditySun, 23 Jun 2024 00:35:22 GMT - Sat, 21 Sep 2024 00:35:21 GMT

File type
HTML document, ASCII text, with very long lines (1123), with no line terminators
Size
1.1 kB (1075 bytes)
Hash
f0f010cdd4740e4134f0ec5a3f296be3
2ae51ded81acf7ec6326cbb890fa4a668cce51ba
4e8c05bfb391502c3b5682e3c2a9245e3952b05f18379e3c8749df1e48f8e982

HTTP Headers

GET /e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ== HTTP/1.1
Host: megaf.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Jun 2024 15:57:47 GMT
content-type: text/html; charset=UTF-8
m-cache: HIT
x-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zV6QMa2MqGnrlVggIc8DeN7PTija1I9iRMEkqdjlGz846eKMMK7%2BM0hg2i2UjvcGdBD6jD2AL%2FzOHu95RoZbjBHfUVYjRNFgeskD297anOiTeOiIkd2jYOaHOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8985ad019f345693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

megaf.cc/assets/megaf/min/embed.js?v=190455d60a3

188.114.97.1

200 OK

194 kB

URL GET HTTP/3
megaf.cc/assets/megaf/min/embed.js?v=190455d60a3
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Certificate
IssuerGoogle Trust Services
Subjectmegaf.cc
FingerprintF3:DD:CD:2C:5A:AD:29:04:14:E0:66:92:F0:1E:57:F1:21:59:C2:97
ValiditySun, 23 Jun 2024 00:35:22 GMT - Sat, 21 Sep 2024 00:35:21 GMT

File type

Size
194 kB (194203 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/megaf/min/embed.js?v=190455d60a3 HTTP/1.1
Host: megaf.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Jun 2024 15:57:47 GMT
content-type: application/javascript
last-modified: Sun, 23 Jun 2024 13:51:05 GMT
etag: W/"66782849-2f69b"
content-encoding: gzip
m-cache: HIT
expires: Tue, 23 Jul 2024 13:51:07 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 7600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b7XdV4YTMPbPF4CBsoD%2FgVxYH5NAdqTKX4vQl2xO5I6la8HGAzXw6bNgMYyqkIPs6OaTVc9f0l%2FK%2FNnUElk%2Ff%2F9nJnebMJbS7DmBNzv4KLnZVnQAL%2Bco9Ee%2Fkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8985ad042f32b4f4-OSL
alt-svc: h3=":443"; ma=86400

megaf.cc/assets/players/jwplayer-8.26.9/jwplayer.js?v1

188.114.97.1

200 OK

110 kB

URL GET HTTP/3
megaf.cc/assets/players/jwplayer-8.26.9/jwplayer.js?v1
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Certificate
IssuerGoogle Trust Services
Subjectmegaf.cc
FingerprintF3:DD:CD:2C:5A:AD:29:04:14:E0:66:92:F0:1E:57:F1:21:59:C2:97
ValiditySun, 23 Jun 2024 00:35:22 GMT - Sat, 21 Sep 2024 00:35:21 GMT

File type

Size
110 kB (109779 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/players/jwplayer-8.26.9/jwplayer.js?v1 HTTP/1.1
Host: megaf.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Jun 2024 15:57:47 GMT
content-type: application/javascript
last-modified: Mon, 18 Sep 2023 22:03:52 GMT
etag: W/"6508c948-1acd3"
content-encoding: gzip
m-cache: MISS
expires: Tue, 23 Jul 2024 06:54:55 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 32572
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jOLxYYry7vSoWaLtvH6GUp65QN04gcRGSY%2FqdtCBG1MChWxNAT6pdGAShafLH10%2F3F593vjsz7Jfqk5%2BybrwBY83vSIxDQMP9qOW%2BjObbY4r8UAuV3ubWWq6tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8985ad042f31b4f4-OSL
alt-svc: h3=":443"; ma=86400

unseenreport.com/pxf.gif?uuid=2c47ae6c-5c1c-4d54-b1e0-97858f818758&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=52ba419ba307b72ff4090aea25de5317&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=2c47ae6c-5c1c-4d54-b1e0-97858f818758&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=52ba419ba307b72ff4090aea25de5317&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintF5:95:0F:2B:01:D6:36:49:AB:2E:61:76:F7:EC:A5:45:3D:F1:0E:59
ValidityTue, 21 May 2024 07:36:27 GMT - Mon, 19 Aug 2024 07:36:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=2c47ae6c-5c1c-4d54-b1e0-97858f818758&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=52ba419ba307b72ff4090aea25de5317&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaf.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 23 Jun 2024 15:57:49 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 1624c3b6c23b259260ea16c30a435139
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

megaf.cc/futoken

188.114.97.1

200 OK

293 B

URL GET HTTP/3
megaf.cc/futoken
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Certificate
IssuerGoogle Trust Services
Subjectmegaf.cc
FingerprintF3:DD:CD:2C:5A:AD:29:04:14:E0:66:92:F0:1E:57:F1:21:59:C2:97
ValiditySun, 23 Jun 2024 00:35:22 GMT - Sat, 21 Sep 2024 00:35:21 GMT

File type
JavaScript source, ASCII text, with no line terminators
Size
293 B (293 bytes)
Hash
4ec8c7ead7f84330176729bcadf11979
43661bdd49540970cf13c2b29a0b4c4a5a70d024
3936dd1c87fdb1472366e2ed6b989a64bb8234f1b79b8ad3962c76cc1e0e9651

HTTP Headers

GET /futoken HTTP/1.1
Host: megaf.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://megaf.cc/e/y5jvr0?autostart=true&t=4xjRAPQjA1wKyQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Jun 2024 15:57:47 GMT
m-cache: MISS
x-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4jOLjCxZEz952DTRJj3kanCU9EfZAjil2%2FTddIRKuZUP3iTt%2BEF1tAzlV8lSzmWTvYYtnkARRjkoMymYHBK19R7dzS5ct0iaNSw05NnNdRoVZVS5ex0aecavVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8985ad042f29b4f4-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (18)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash